Security and Compliance in AWS Cloud
In this episode of the Virtual Coffee with Ashish edition for Cloud Security Podcast, we spoke with Alexander J Yawn - ISC2 Miami Board Member | NABCRMP Founding Board Member Host: Ashish Rajan - Twitter @hashishraja Guest: Alexander J Yawn - Linkedin @AJYawn In this episode, AJ & Ashish spoke about What was your path into CyberSecurity? What does Compliance in Cloud mean for you? What is Shared Responsibility? How is Compliance different in a Hybrid world? For anyone who used to audit on-premise, is it difficult to audit cloud environments? There are so many AWS services for security, are those for monitoring or audit? Do Auditors need to be technical like Cloud Engineer to be successful as an auditor in Cloud? Auditors should be open to the idea of learning cloud? Do Auditors need to be Certified Architect? What are the some of the easy things to knocks off to start building foundation stuff? Is there a recommended time frame between audits in a cloud world? Can this Compliance task be automated? How is the GuardDuty report different to Trusted Advisor Report? Is there a company mandate to check these security services? What advice can you provide for preparing for an audit against specific compliance framework? Does a point in time check make sense in cloud? Does the cloud provider provide advice to their customer when they are not secure? How does compliance scale from a startup to an enterprise? Is there additional cost for multiple AWS Accounts? Where can auditors go to know more about doing Audits on Cloud? ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai